1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/safe_browsing/ui_manager.h"
8 #include "base/bind_helpers.h"
9 #include "base/callback.h"
10 #include "base/debug/leak_tracker.h"
11 #include "base/stl_util.h"
12 #include "base/strings/string_util.h"
13 #include "base/threading/thread.h"
14 #include "base/threading/thread_restrictions.h"
15 #include "chrome/browser/browser_process.h"
16 #include "chrome/browser/safe_browsing/malware_details.h"
17 #include "chrome/browser/safe_browsing/metadata.pb.h"
18 #include "chrome/browser/safe_browsing/ping_manager.h"
19 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
20 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
21 #include "chrome/browser/tab_contents/tab_util.h"
22 #include "chrome/common/url_constants.h"
23 #include "components/metrics/metrics_service.h"
24 #include "content/public/browser/browser_thread.h"
25 #include "content/public/browser/navigation_entry.h"
26 #include "content/public/browser/notification_service.h"
27 #include "content/public/browser/web_contents.h"
28 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
29 #include "net/ssl/ssl_info.h"
30 #include "net/url_request/url_request_context.h"
31 #include "net/url_request/url_request_context_getter.h"
33 using content::BrowserThread
;
34 using content::NavigationEntry
;
35 using content::WebContents
;
37 struct SafeBrowsingUIManager::WhiteListedEntry
{
38 int render_process_host_id
;
41 SBThreatType threat_type
;
44 SafeBrowsingUIManager::UnsafeResource::UnsafeResource()
45 : is_subresource(false),
46 threat_type(SB_THREAT_TYPE_SAFE
),
47 render_process_host_id(-1),
51 SafeBrowsingUIManager::UnsafeResource::~UnsafeResource() { }
53 SafeBrowsingUIManager::SafeBrowsingUIManager(
54 const scoped_refptr
<SafeBrowsingService
>& service
)
55 : sb_service_(service
) {
58 SafeBrowsingUIManager::~SafeBrowsingUIManager() { }
60 void SafeBrowsingUIManager::StopOnIOThread(bool shutdown
) {
61 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
67 void SafeBrowsingUIManager::LogPauseDelay(base::TimeDelta time
) {
68 UMA_HISTOGRAM_LONG_TIMES("SB2.Delay", time
);
71 // Only report SafeBrowsing related stats when UMA is enabled. User must also
72 // ensure that safe browsing is enabled from the calling profile.
73 bool SafeBrowsingUIManager::CanReportStats() const {
74 const metrics::MetricsService
* metrics
= g_browser_process
->metrics_service();
75 return metrics
&& metrics
->reporting_active();
78 void SafeBrowsingUIManager::OnBlockingPageDone(
79 const std::vector
<UnsafeResource
>& resources
,
81 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
82 for (std::vector
<UnsafeResource
>::const_iterator iter
= resources
.begin();
83 iter
!= resources
.end(); ++iter
) {
84 const UnsafeResource
& resource
= *iter
;
85 if (!resource
.callback
.is_null())
86 resource
.callback
.Run(proceed
);
89 BrowserThread::PostTask(
92 base::Bind(&SafeBrowsingUIManager::UpdateWhitelist
, this, resource
));
97 void SafeBrowsingUIManager::DisplayBlockingPage(
98 const UnsafeResource
& resource
) {
99 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
100 if (resource
.is_subresource
&& !resource
.is_subframe
) {
101 // Sites tagged as serving Unwanted Software should only show a warning for
102 // main-frame or sub-frame resource. Similar warning restrictions should be
103 // applied to malware sites tagged as "landing sites" (see "Types of
104 // Malware sites" under
105 // https://developers.google.com/safe-browsing/developers_guide_v3#UserWarnings).
106 safe_browsing::MalwarePatternType proto
;
107 if (resource
.threat_type
== SB_THREAT_TYPE_URL_UNWANTED
||
108 (resource
.threat_type
== SB_THREAT_TYPE_URL_MALWARE
&&
109 !resource
.threat_metadata
.empty() &&
110 proto
.ParseFromString(resource
.threat_metadata
) &&
111 proto
.pattern_type() == safe_browsing::MalwarePatternType::LANDING
)) {
112 if (!resource
.callback
.is_null()) {
113 BrowserThread::PostTask(
114 BrowserThread::IO
, FROM_HERE
, base::Bind(resource
.callback
, true));
120 // Indicate to interested observers that the resource in question matched the
122 if (resource
.threat_type
!= SB_THREAT_TYPE_SAFE
) {
123 FOR_EACH_OBSERVER(Observer
, observer_list_
, OnSafeBrowsingMatch(resource
));
126 // Check if the user has already ignored our warning for this render_view
128 if (IsWhitelisted(resource
)) {
129 if (!resource
.callback
.is_null()) {
130 BrowserThread::PostTask(
131 BrowserThread::IO
, FROM_HERE
, base::Bind(resource
.callback
, true));
136 // The tab might have been closed.
137 WebContents
* web_contents
=
138 tab_util::GetWebContentsByID(resource
.render_process_host_id
,
139 resource
.render_view_id
);
142 // The tab is gone and we did not have a chance at showing the interstitial.
143 // Just act as if "Don't Proceed" were chosen.
144 std::vector
<UnsafeResource
> resources
;
145 resources
.push_back(resource
);
146 BrowserThread::PostTask(
147 BrowserThread::IO
, FROM_HERE
,
148 base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone
,
149 this, resources
, false));
153 if (resource
.threat_type
!= SB_THREAT_TYPE_SAFE
&&
155 GURL page_url
= web_contents
->GetURL();
157 NavigationEntry
* entry
= web_contents
->GetController().GetActiveEntry();
159 referrer_url
= entry
->GetReferrer().url
;
161 // When the malicious url is on the main frame, and resource.original_url
162 // is not the same as the resource.url, that means we have a redirect from
163 // resource.original_url to resource.url.
164 // Also, at this point, page_url points to the _previous_ page that we
165 // were on. We replace page_url with resource.original_url and referrer
167 if (!resource
.is_subresource
&&
168 !resource
.original_url
.is_empty() &&
169 resource
.original_url
!= resource
.url
) {
170 referrer_url
= page_url
;
171 page_url
= resource
.original_url
;
173 ReportSafeBrowsingHit(resource
.url
, page_url
, referrer_url
,
174 resource
.is_subresource
, resource
.threat_type
,
175 std::string() /* post_data */);
178 if (resource
.threat_type
!= SB_THREAT_TYPE_SAFE
) {
179 FOR_EACH_OBSERVER(Observer
, observer_list_
, OnSafeBrowsingHit(resource
));
181 SafeBrowsingBlockingPage::ShowBlockingPage(this, resource
);
184 // A safebrowsing hit is sent after a blocking page for malware/phishing
185 // or after the warning dialog for download urls, only for UMA users.
186 void SafeBrowsingUIManager::ReportSafeBrowsingHit(
187 const GURL
& malicious_url
,
188 const GURL
& page_url
,
189 const GURL
& referrer_url
,
191 SBThreatType threat_type
,
192 const std::string
& post_data
) {
193 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
194 if (!CanReportStats())
197 BrowserThread::PostTask(
198 BrowserThread::IO
, FROM_HERE
,
199 base::Bind(&SafeBrowsingUIManager::ReportSafeBrowsingHitOnIOThread
, this,
200 malicious_url
, page_url
, referrer_url
, is_subresource
,
201 threat_type
, post_data
));
204 void SafeBrowsingUIManager::ReportInvalidCertificateChain(
205 const std::string
& serialized_report
,
206 const base::Closure
& callback
) {
207 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
208 BrowserThread::PostTaskAndReply(
209 BrowserThread::IO
, FROM_HERE
,
211 &SafeBrowsingUIManager::ReportInvalidCertificateChainOnIOThread
, this,
216 void SafeBrowsingUIManager::AddObserver(Observer
* observer
) {
217 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
218 observer_list_
.AddObserver(observer
);
221 void SafeBrowsingUIManager::RemoveObserver(Observer
* observer
) {
222 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
223 observer_list_
.RemoveObserver(observer
);
226 void SafeBrowsingUIManager::ReportSafeBrowsingHitOnIOThread(
227 const GURL
& malicious_url
,
228 const GURL
& page_url
,
229 const GURL
& referrer_url
,
231 SBThreatType threat_type
,
232 const std::string
& post_data
) {
233 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
235 // The service may delete the ping manager (i.e. when user disabling service,
236 // etc). This happens on the IO thread.
237 if (sb_service_
.get() == NULL
|| sb_service_
->ping_manager() == NULL
)
240 DVLOG(1) << "ReportSafeBrowsingHit: " << malicious_url
<< " " << page_url
241 << " " << referrer_url
<< " " << is_subresource
<< " "
243 sb_service_
->ping_manager()->ReportSafeBrowsingHit(
244 malicious_url
, page_url
,
245 referrer_url
, is_subresource
,
246 threat_type
, post_data
);
249 void SafeBrowsingUIManager::ReportInvalidCertificateChainOnIOThread(
250 const std::string
& serialized_report
) {
251 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
253 // The service may delete the ping manager (i.e. when user disabling service,
254 // etc). This happens on the IO thread.
255 if (!sb_service_
|| !sb_service_
->ping_manager())
258 sb_service_
->ping_manager()->ReportInvalidCertificateChain(serialized_report
);
261 // If the user had opted-in to send MalwareDetails, this gets called
262 // when the report is ready.
263 void SafeBrowsingUIManager::SendSerializedMalwareDetails(
264 const std::string
& serialized
) {
265 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
267 // The service may delete the ping manager (i.e. when user disabling service,
268 // etc). This happens on the IO thread.
269 if (sb_service_
.get() == NULL
|| sb_service_
->ping_manager() == NULL
)
272 if (!serialized
.empty()) {
273 DVLOG(1) << "Sending serialized malware details.";
274 sb_service_
->ping_manager()->ReportMalwareDetails(serialized
);
278 void SafeBrowsingUIManager::UpdateWhitelist(const UnsafeResource
& resource
) {
279 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
280 // Whitelist this domain and warning type for the given tab.
281 WhiteListedEntry entry
;
282 entry
.render_process_host_id
= resource
.render_process_host_id
;
283 entry
.render_view_id
= resource
.render_view_id
;
284 entry
.domain
= net::registry_controlled_domains::GetDomainAndRegistry(
286 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES
);
287 entry
.threat_type
= resource
.threat_type
;
288 white_listed_entries_
.push_back(entry
);
291 bool SafeBrowsingUIManager::IsWhitelisted(const UnsafeResource
& resource
) {
292 DCHECK_CURRENTLY_ON(BrowserThread::UI
);
293 // Check if the user has already ignored our warning for this render_view
295 for (size_t i
= 0; i
< white_listed_entries_
.size(); ++i
) {
296 const WhiteListedEntry
& entry
= white_listed_entries_
[i
];
297 if (entry
.render_process_host_id
== resource
.render_process_host_id
&&
298 entry
.render_view_id
== resource
.render_view_id
) {
299 return entry
.domain
==
300 net::registry_controlled_domains::GetDomainAndRegistry(
302 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES
);